
SonicWall SMA1000 CVSS 10.0 Zero-Day Hits Remote Access Gateways
SonicWall warns of active exploitation of CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 in SMA1000 appliances. Federal agencies must patch by July

SonicWall warns of active exploitation of CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 in SMA1000 appliances. Federal agencies must patch by July

CISA added three SharePoint CVEs to its KEV catalog after confirming active attack chains combining auth bypass, code execution, and

The DOJ unsealed charges against three Russians who ran Media Land and ML.Cloud, bulletproof hosting that served LockBit, Blacksuit, and

Progress confirmed a path traversal zero-day in ShareFile SZC 5.x and 6.x after ordering an emergency shutdown. Patches 5.12.5 and

ArcticWolf exposed a campaign using 300 fake GitHub repos to deliver BoryptGrab, an infostealer that bypasses Chrome App-Bound Encryption via

Manifold disclosed two unpatched flaws in Claude for Chrome allowing malicious extensions to invoke the AI agent and silently access

Four official AsyncAPI npm packages were compromised to deliver Miasma, a botnet loader using six C2 channels including Ethereum smart

Spanish National Police and Europol dismantled a €140 million BEC and investment fraud ring, arresting four suspects across Spain, Portugal,

Siemens, Rockwell, and Schneider Electric issued ICS Patch Tuesday advisories, including a CVSS 10.0 Opencenter X auth bypass and CompactLogix

Broadcom patched seven VMware Avi vulnerabilities, including a critical authentication bypass in the control plane. No active exploitation has been
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.